Deep Instinct released the third edition of its annual Voice of SecOps Report, focused on the increasing and unsustainable stress levels among 1,000 C-suite and senior cybersecurity professionals across all industries and roles. The research found that 45% of respondents have considered quitting the industry due to stress, with the primary issues being an unrelenting threat from ransomware and the expectations to always be on call or available.
The research reinforced that paying a ransom remains a hotly debated topic. 38% of respondents admitted to paying a ransom, with 46% claiming their data was still exposed by the hackers; and 44% could not restore all their data even after a ransom was paid.
The great cybersecurity resignation
The job of defending against increasingly advanced threats on a daily and hourly basis is causing more problems than ever as 46% of respondents felt their stress had measurably increased over the last 12 months. This was especially the case for those working within critical infrastructure. These increased stress levels have led cybersecurity professionals to consider leaving the industry altogether, joining in the “Great Resignation,” rather than moving to a new cybersecurity role at a new employer.
- 45% admit to considering quitting the industry on at least one or two occasions
- 46% know at least one person who left cybersecurity altogether in the past year due to stress
Who’s stressed and why?
Stress is not only felt by SOC teams and others on the cyber frontlines but also among those in the C-Suite who are making the difficult decisions on how to use their available resources more efficiently.
Biggest stress culprit: Ransomware
45% of respondents said that ransomware was the biggest concern of their company’s C-Suite. The survey found that 38% of respondents admitted to paying up in order to receive the encryption key primarily to avoid downtime (61%) or bad publicity (53%). However, paying the ransom did not guarantee a resolution post-attack in many cases.
Of those reporting that a payment was made:
- 46% claimed to still have their data exposed by the hackers
- 44% couldn’t restore all their data
- Only 16% claimed to have no further issues to date
In response to these issues with ransomware payment, 73% of respondents claimed they would not pay a ransom in the future.
Among those who claimed they would still pay a ransomware demand in the future, widespread fear remained that they would be trouble-free in the future.
The fear of paying a ransom in the future included the following:
- 75% do not expect to have all their data restored
- 54% fear the criminals will still make the exfiltration of data public knowledge, and
- 52% fear the attackers will have installed a back door and will return
“Considering that the constant waves of cyber-attacks are likely to become more common and evasive as we move forward, it’s of the utmost importance to ensure that those who dedicate their careers and lives to defending our businesses and country don’t become overly stressed and give up,” said Guy Caspi, CEO of Deep Instinct.
“By adopting and utilizing new defensive techniques, like artificial intelligence and deep learning, we can help the cybersecurity community mitigate one of the most important issues that is often overlooked by many: the people behind the keyboard.”
Is AI the new “stress ball”?
There is growing acknowledgement that artificial intelligence (AI)-enabled tools are highly effective in combatting sophisticated attacks such as ransomware. AI is recognized as having the potential to reduce critical productivity challenges like reducing false positives that will allow teams to focus their time and resources on more critical cyber defense issues.
- 53% agree that “they need greater automation through AI/ML to improve security operations”
- 82% would rather depend on AI than humans to hunt threats
- Only 6% claim they “don’t trust AI”
27% of respondents claimed their false positive rate has increased over the past year and 26% admitted to turning off alerts altogether because they’re overwhelmed and don’t have the time to pay attention to them – leaving their organization with critical security vulnerabilities. Developing a better balance between “assume breach” and prevention to reduce false positives was cited by 47% of the respondents to improve their overall security posture.